Frequently Asked Questions
Common questions about cloud migration, security, and working with Stratus IT Consultants
General
4 questions
What is the StratusPhere?
The StratusPhere is a technical blog by me, David Liddle CCSP, a Cloud Security Solution Architect. It is focused on providing honest, practical guidance for small and medium businesses navigating cloud migration, cybersecurity, and digital transformation. We cut through vendor marketing and provide real-world advice based on actual implementation experience.
Who writes the content?
All content is written by me, David Liddle CCSP, a cloud security professional. I’m a hands-on practitioner who implements the solutions I write about, not just a consultant who recommends things I’ve never built.
How often do you publish new content?
I’ll endeavour to publish new content weekly, but the focus is on quality over quantity. I’d rather write one thoroughly researched, genuinely useful post than churn out daily content that doesn’t help anyone.
How do I subscribe to updates?
You can subscribe via the newsletter signup form in the footer of any page. I’ll send you an email when new posts are published, typically once per week. No spam, no daily emails, just the good stuff.
Cloud Migration
5 questions
When should I migrate to the cloud?
Migrate when you have a clear business reason; rapid growth requiring scalability, geographic expansion, aging infrastructure nearing refresh, or variable workloads where cloud economics make sense. Don’t migrate just because ’everyone else is doing it.’ If your current setup works well and your needs are predictable, staying on-premises might be cheaper.
Is cloud always cheaper than on-premises?
No. For predictable, always-on workloads running 24/7, on-premises is often cheaper over 3-5 years. Cloud costs more per unit of compute, but eliminates upfront investment and provides flexibility. Cloud wins when you need variable capacity, rapid scaling, or want to avoid capital expenditure. Use our Cloud Readiness Assessment to evaluate your specific situation.
How long does cloud migration take?
It depends on complexity: simple lift-and-shift migrations might take 3-6 months, while re-architecting applications can take 12-18 months or more. Don’t rush it. A phased approach (migrate non-critical systems first, learn, then tackle core systems) usually works better than ‘big bang’ migrations.
Which cloud provider should I choose?
AWS has the most features and maturity. Azure integrates well if you’re Microsoft-heavy. Google Cloud excels at data analytics and Kubernetes. For SMEs, the differences matter less than you’d think - all three are solid. Pick your provider based on; existing skills, specific services you need, regional availability, and cost for your workload. Don’t overthink it.
Should I consider a hybrid approach?
Yes, hybrid often makes the most sense. Keep stable, business-critical systems on-premises where you have control and lower costs. Use cloud for variable workloads, disaster recovery, dev/test environments, and geographic expansion. You’re not locked into all-or-nothing.
Security & Compliance
4 questions
Is cloud computing secure?
Cloud can be very secure, but security is a shared responsibility. Providers (AWS, Azure, GCP) secure the infrastructure, but you’re responsible for securing your data, applications, and configurations. A misconfigured S3 bucket is your problem, not Amazon’s. Cloud provides excellent security tools - you just need to use them correctly.
What about data sovereignty and GDPR compliance?
All major cloud providers offer region-specific data centers (UK, EU, etc.) and GDPR-compliant services. You can restrict where data is stored and processed. However, you need to configure this correctly and understand the shared responsibility model. For highly sensitive data with strict residency requirements, sovereign cloud or on-premises might be simpler.
Who can access my data in the cloud?
By default, only you and users you authorize. Cloud providers can’t access your data except in specific circumstances (legal requirements, support requests you initiate). Your data is encrypted and isolated. The bigger risk is your own team misconfiguring access controls or using weak passwords.
How does disaster recovery work in the cloud?
Cloud makes DR much more affordable. You can replicate data to multiple regions, automate backups, and test recovery without maintaining duplicate infrastructure. Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) that would cost £100K+ on-premises are achievable for a fraction of the cost in cloud.
Costs & Pricing
3 questions
How does cloud pricing actually work?
You pay for what you use: compute (CPU/RAM hours), storage (GB/month), network bandwidth (data transfer), and additional services. Pricing is complex with hundreds of options. Key gotchas: data egress (moving data out) can be expensive, idle resources still cost money, and costs can spiral without monitoring. Always set up billing alerts.
How do I avoid unexpected cloud costs?
Set up billing alerts immediately. Tag all resources to track spending by project. Right-size instances (don’t over-provision). Turn off dev/test environments when not in use. Use reserved instances or savings plans for predictable workloads. Review costs monthly and kill zombie resources. Budget 20-30% above estimates for the first year while you learn.
What's the real total cost of ownership (TCO) for cloud?
Include: compute, storage, bandwidth, licenses, management tools, training, and staff time. Many orgs underestimate bandwidth costs and management complexity. Run numbers for 3-5 years, not just year one. For steady workloads, on-premises might be 20-30% cheaper. For variable workloads, cloud can be 40-50% cheaper. It’s workload-dependent.
Working with me
4 questions
Do you offer consultancy services?
Yes. I can help SMEs with cloud strategy, migration planning, security assessments, and implementation. I’m a practitioner first, I build the solutions I recommend. If you need help beyond blog advice, contact me for a no-obligation chat.
What geographic areas do you serve?
I’m UK-based and primarily serve clients in the UK and Europe. For cloud-focused work, I can work with clients globally as much of my work is remote. Contact me to discuss your specific needs.
How do I get in touch?
Use the contact form or connect via LinkedIn (link in footer). I typically respond within 1-2 business days. For general questions, check if I’ve already answered them here in the FAQs first!
Do you have affiliate relationships?
I may incorporate affiliate marketing in the future for products and services I genuinely recommend and ampassionate about. When I do, I’ll clearly disclose it. I’ll never recommend something solely because it pays a commission. My reputation matters more than affiliate revenue.
Technical Questions
4 questions
What's the difference between IaaS, PaaS, and SaaS?
IaaS (Infrastructure as a Service): You manage the OS up - provider manages hardware. Like renting a server. PaaS (Platform as a Service): You manage only your application - provider manages OS, middleware, runtime. Like Heroku. SaaS (Software as a Service): You just use the software - provider manages everything. Like Gmail. More control = more responsibility.
Do I need Kubernetes?
Probably not. Kubernetes is powerful but complex. If you’re running a few applications and don’t need to orchestrate hundreds of containers, you don’t need it. Start simpler: VM-based or managed PaaS solutions. Kubernetes makes sense when you have dozens of microservices, need advanced orchestration, or have dedicated DevOps staff. Don’t use it just because it’s trendy.
Should I use serverless computing?
Serverless (like AWS Lambda) is great for: event-driven workloads, variable traffic patterns, or tasks that don’t run constantly. You pay only when code runs. Downsides: vendor lock-in, cold start latency, complexity debugging. For steady-state applications running 24/7, traditional compute might be cheaper and simpler.
Can I move legacy applications to the cloud?
Usually yes, but it depends. Simple ’lift and shift’ (move as-is) works for many apps but doesn’t take advantage cloud benefits. Some legacy apps with specific hardware dependencies or licensing restrictions can’t move easily. Assess each application individually. Sometimes the best answer is: leave it on-premises until you’re ready to replace it.
No FAQs found
Try different search terms or get in touch with your question.
Still have questions?
Can't find what you're looking for? Get in touch and I'll answer your questions — and probably add them to this FAQ!
Get in Touch